Merged
Expand Up @@ -30,7 +30,7 @@ For example, you can assign **Extreme impact** to business-critical entities, or

## View and assign asset criticality [_view_and_assign_asset_criticality]

Entities do not have a default asset criticality level. You can either assign asset criticality to your entities individually, or [bulk assign](#bulk-assign-asset-criticality) it to multiple entities by importing a text file. Alternatively, you can assign and manage asset criticality records through the [*Asset criticality API*](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-entity-analytics-api).
Entities do not have a default asset criticality level. You can either assign asset criticality to your entities individually, or [bulk assign](#bulk-assign-asset-criticality) it to multiple entities by importing a text file. Alternatively, you can assign and manage asset criticality records through the [Asset criticality API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-security-entity-analytics-api).

When you assign, change, or unassign an individual entity’s asset criticality level, that entity’s risk score is immediately recalculated.

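Review bot: the rewritten link in this hunk points at the Kibana API group page (`endpoint-security-entity-analytics-api`) rather than at the asset criticality operations themselves, while the sentence tells readers to manage records "through the Asset criticality API"; consider linking to the asset criticality endpoints within that group, or naming them in the sentence, so the reader lands on the right operations. Dropping the italics from the link text is fine and matches the plain link text used in the other hunks of this PR.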
2 changes: 1 addition & 1 deletion solutions/security/detect-and-alert.md
Expand Up @@ -106,6 +106,6 @@ To learn how your rules and alerts are affected by using the [logsdb index mode]

Utilize the [Detection-as-Code](https://dac-reference.readthedocs.io/en/latest/dac_concept_and_workflows.html) (DaC) principles to externally manage your detection rules.

The {{elastic-sec}} Labs team uses the [detection-rules](https://github.com/elastic/detection-rules) repo to develop, test, and release {{elastic-sec}}'s[ prebuilt rules](https://github.com/elastic/detection-rules/tree/main/rules). The repo provides DaC features and allows you to customize settings to simplify the setup for managing user rules with the DaCe pipeline.
The {{elastic-sec}} Labs team uses the [detection-rules](https://github.com/elastic/detection-rules) repo to develop, test, and release {{elastic-sec}}'s[ prebuilt rules](https://github.com/elastic/detection-rules/tree/main/rules). The repo provides DaC features and allows you to customize settings to simplify the setup for managing user rules with the DaC pipeline.

To get started, refer to the [DaC documentation](https://github.com/elastic/detection-rules/blob/main/README.md#detections-as-code-dac).
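Review bot: the DaCe → DaC fix is correct, but the same changed line keeps the misplaced space in `{{elastic-sec}}'s[ prebuilt rules](...)`, which renders the link text with a leading space and no space between "'s" and the link; suggest `{{elastic-sec}}'s [prebuilt rules](https://github.com/elastic/detection-rules/tree/main/rules)` while this line is being touched.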
Expand Up @@ -131,6 +131,7 @@ With alert suppression, detection alerts aren’t created for the grouped source

:::{image} /solutions/images/security-timeline-button.png
:alt: Investigate in timeline button
:width: 350px
:screenshot:
:::

Expand Up @@ -335,6 +335,7 @@ The **Response** section is located on the **Overview** tab in the right panel.

:::{image} /solutions/images/security-response-action-rp.png
:alt: Response section of the Overview tab
:width: 550px
:screenshot:
:::

7 changes: 4 additions & 3 deletions solutions/security/investigate/open-manage-cases.md
Expand Up @@ -46,7 +46,7 @@ Open a new case to keep track of security issues and share their details with co
:screenshot:
:::

% This wasn't in the Serverless docs. Might be an ESS-only feature.
% Check with Lisa if email notifications is an ESS-only feature. Not in Serverless docs: https://www.elastic.co/guide/en/serverless/current/security-cases-open-manage.html

## Add email notifications [cases-ui-notifications]

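Review bot: the replacement comment in this hunk still leaves an open question in the source (whether email notifications are ESS-only) and now names an individual; better to resolve the question before merge, or keep it as a neutral TODO without a person's name. If it stays, fix the grammar: "if email notifications is an ESS-only feature" should read "are an ESS-only feature".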
Expand Down Expand Up @@ -156,7 +156,7 @@ To upload files to a case, click the **Files** tab:

You can set file types and sizes by configuring your [{{kib}} case settings](kibana://reference/configuration-reference/cases-settings.md).

% The following note was grabbed from the Serverless docs. Check if this is Serverless only or if it's for both.
% Check with Lisa whether following note is only applicable to Serverless or if it's for ESS too.

::::{note}
There is a 10 MiB size limit for images. For all other MIME types, the limit is 100 MiB.
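Review bot: as with the comment at the top of this file, this hunk swaps one unresolved source comment for another instead of settling the question; the 10 MiB image and 100 MiB other-MIME limits in the note that follows can be checked against the cases settings reference linked on the preceding context line (`kibana://reference/configuration-reference/cases-settings.md`), and the note should then state which deployment types it applies to rather than carrying a "check with" reminder in the source.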
Expand Down Expand Up @@ -254,7 +254,8 @@ Go to the **Similar cases** tab to access other cases with the same observables.
Each case has a universally unique identifier (UUID) that you can copy and share. To copy a case’s UUID to a clipboard, go to the Cases page and select **Actions** → **Copy Case ID** for the case you want to share. Alternatively, go to a case’s details page, then from the **More actions** menu (…​), select **Copy Case ID**.

:::{image} /solutions/images/security-cases-copy-case-id.png
:alt: Copy Case ID option in More actions menu 30%
:alt: Copy Case ID option in More actions menu
:width: 250px
:screenshot:
:::

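Review bot: moving the stray "30%" out of the `:alt:` text and into an explicit `:width:` is the right fix, since alt text is read aloud by screen readers and should only describe the image; the chosen 250px differs from the 350px and 550px used for the other two screenshots in this PR, so confirm the size is intended for a menu screenshot rather than copied from elsewhere.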